Tag Archives for " Germany "

With the Cambridge Analytica scandal, data privacy finally hit the mainstream. In Berlin there’s a long tradition of fighting for data protection that reaches back to the pre-digital era. It’s worth taking a look at that history.

Share this:

Deutsche Telekom is not required to store communications data from its customers under Germany’s data retention laws given that these laws are incompatible with European law, ruled the Administrative Court of Cologne.

The court said it was following a ruling from the Higher Administrative Court of Muenster last year that found Germany’s data retention regime violated EU law by exceeding limits the European Court of Justice (ECJ) imposed on the extent of data retention in its own prior ruling. Given the primacy of EU law over domestic law, Telekom is not required to follow the German legislation as a result in this case, it said.

Share this:

Google is not obligated to ensure websites are free from defamatory content before displaying links to them in search results, Germany’s highest court ruled on Tuesday.

The case, which comes in the context of debate about the so-called “right to be forgotten”, had been brought by two individuals seeking Google to prevent its search engine from displaying links to websites on which they were verbally attacked by other internet users.

Share this:

In just under 100 days, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of their processing activities.

Under Article 30 GDPR, companies will need to inventory all “processing activities under [their] responsibility” and memorialize them in a written record setting forth, inter alia, the purposes of processing operations, international transfers, and retention periods.

Share this:

Germany’s Federal Constitutional Court has accepted a complaint filed by the activist group Digital Courage and the Working Group against Data Retention (AKV) seeking to overturn Germany”s controversial data retention laws.

The two co-plaintiffs had collected over 29,000 signatures from citizens in their complaints against the blanket storage of telecommunications data permitted by the law. While a date for a hearing on the matter has not been set, it is still possible for the court to handle this complaint in 2018.

Share this:

The Higher Administrative Court for North Rhine-Westphalia (‘the Court’) announced, on 26 February 2018, that it had filed a request for a preliminary ruling with the Court of Justice of the European Union (‘CJEU’), seeking clarification on whether webmail providers are considered electronic communications services under Article 2 of the Framework Directive (Directive 2002/21/EC) (‘the Directive’).

The proceedings before the Court originated from a legal dispute between the Federal Network Agency for Electricity, Gas, Telecommunications, Post and Railway (‘Bun­desnet­za­gen­tur’) and Google, Inc. over the Bun­desnet­za­gen­tur’s classification of Gmail as a telecommunications service within the meaning of the Telecommunications Act 1996 (‘TKG’).

Share this:

A German court ruled that Facebook’s real name policy is illegal and that users must be allowed to sign up for the service under pseudonyms to comply with a decade-old privacy law. The ruling, made last month but only now being announced, comes from the Berlin Regional Court and was detailed today by the Federation of German Consumer Organizations (abbreviated from German as VZBV), which filed the lawsuit against Facebook.

Facebook says it will appeal the ruling, but also that it will make changes to comply with European Union privacy laws coming into effect in June, according to Reuters. “We are working hard to ensure that our guidelines are clear and easy to understand, and that the services offered by Facebook are in full accordance with the law,” a Facebook spokesperson said.

Share this:

Under the European General Data Protection Regulation (GDPR), which will start to apply on 25 May 2018, many companies will be required to appoint a Data Protection Officer (DPO). Violating the requirements relating to the appointment of a DPO can be sanctioned with fines of up to EUR 10 million or up to 2 percent of the total worldwide annual turnover, whichever is higher.